Техническая информация
- [<HKLM>\SYSTEM\ControlSet001\Services\Windows Winhp Update Service] 'Start' = '00000002'
- %PROGRAM_FILES%\WinsHelp\winhpu.exe /start /i
- %PROGRAM_FILES%\WinsHelp\ukdb.dat
- %PROGRAM_FILES%\WinsHelp\sqlite3.dll.tmp
- %PROGRAM_FILES%\WinsHelp\uninst1.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\do[1].php
- %PROGRAM_FILES%\WinsHelp\winhpu.exe.tmp
- %PROGRAM_FILES%\WinsHelp\winhps61.dll.tmp
- %TEMP%\~nsis\c3h011\winhps61.dll
- %TEMP%\nsi2.tmp
- %TEMP%\~nsis\c3h011\sqlite3.dll
- %PROGRAM_FILES%\WinsHelp\winhpb61.dll.tmp
- %TEMP%\nsd3.tmp\System.dll
- %TEMP%\nsd3.tmp\System.dll
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\do[1].php
- 'ac#.##nshelp.net':80
- ac#.##nshelp.net/do.php?a=#########################################################################################################################################################################################################
- DNS ASK ac#.##nshelp.net